Weekly Vulnerabilities Reports > December 7 to 13, 2020

Overview

428 new vulnerabilities were reported during this period, including 65 critical vulnerabilities and 104 high severity vulnerabilities. This weekly summary reports vulnerabilities in 408 products from 131 vendors including Apple, Microsoft, Debian, Mozilla, and Fedoraproject. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Read", "Out-of-bounds Write", "Use After Free", and "Integer Overflow or Wraparound".

  • 304 reported vulnerabilities are remotely exploitable.
  • 6 reported vulnerabilities have a public exploit available.
  • 93 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
  • 309 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 63 reported vulnerabilities.
  • Apple has the most reported critical vulnerabilities, with 15 reported vulnerabilities.


Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:

65 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-11 CVE-2020-15357 Askey OS Command Injection vulnerability in Askey Ap5100W Firmware 1.01.097

Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows remote attackers to execute arbitrary commands via a shell metacharacter in the ping, traceroute, or route options.

10.0
2020-12-11 CVE-2020-29591 Docker Weak Password Requirements vulnerability in Docker Registry

Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user.

10.0
2020-12-11 CVE-2020-24634 Arubanetworks Command Injection vulnerability in Arubanetworks Arubaos

An attacker is able to remotely inject arbitrary commands by sending specially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.

10.0
2020-12-11 CVE-2020-24633 Arubanetworks Classic Buffer Overflow vulnerability in Arubanetworks Arubaos

There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.

10.0
2020-12-10 CVE-2020-29311 Ubilling Command Injection vulnerability in Ubilling 1.0.9

Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected into the config file and triggered by another part of the software.

10.0
2020-12-10 CVE-2020-26201 Askey Weak Password Requirements vulnerability in Askey Ap5100W Firmware 1.01.097

Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating System (rlx-linux) level.

10.0
2020-12-10 CVE-2020-19527 Idreamsoft OS Command Injection vulnerability in Idreamsoft Icms 7.0.14

iCMS 7.0.14 allows attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php.

10.0
2020-12-10 CVE-2020-19142 Idreamsoft OS Command Injection vulnerability in Idreamsoft Icms 7.0.0

iCMS 7 allows attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.

10.0
2020-12-10 CVE-2020-29667 Lanatmservice Insufficient Session Expiration vulnerability in Lanatmservice M3 ATM Monitoring System 6.1.0

In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Session Expiration.

10.0
2020-12-09 CVE-2020-29659 Flexense Classic Buffer Overflow vulnerability in Flexense Dupscout 10.0.18

A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack.

10.0
2020-12-08 CVE-2020-29602 Irssi Unspecified vulnerability in Irssi Docker Image

The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29601 Docker Unspecified vulnerability in Docker Notary Docker Image

The official notary docker images before signer-0.6.1-1 contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29581 Docker Unspecified vulnerability in Docker Spiped Alpine Docker Image

The official spiped docker images before 1.5-alpine contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29580 Docker Unspecified vulnerability in Docker Storm Docker Image

The official storm Docker images before 1.2.1 contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29579 Express Gateway Unspecified vulnerability in Express-Gateway Docker Image

The official Express Gateway Docker images before 1.14.0 contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29577 ZNC Unspecified vulnerability in ZNC Docker Image

The official znc docker images before 1.7.1-slim contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29576 Eggheads Unspecified vulnerability in Eggheads Eggdrop Docker Image

The official eggdrop Docker images before 1.8.4rc2 contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29575 Docker Unspecified vulnerability in Docker Elixir Alpine Docker Image

The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29564 Hashicorp Unspecified vulnerability in Hashicorp Consul Docker Image

The official Consul Docker images 0.7.1 through 1.4.2 contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29578 Matomo Unspecified vulnerability in Matomo Piwik Fpm-Alpine Docker Image

The official piwik Docker images before fpm-alpine (Alpine specific) contain a blank password for a root user.

10.0
2020-12-11 CVE-2020-27134 Cisco Information Exposure vulnerability in Cisco Jabber and Jabber for Mobile Platforms

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.

9.9
2020-12-11 CVE-2020-27133 Cisco Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.

9.9
2020-12-11 CVE-2020-27132 Cisco Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.

9.9
2020-12-11 CVE-2020-27127 Cisco Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.

9.9
2020-12-11 CVE-2020-7788 INI Project, Debian

This affects the package ini before 1.3.6.

9.8
2020-12-11 CVE-2020-7540 Schneider Electric Missing Authentication for Critical Function vulnerability in Schneider-Electric products

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests.

9.8
2020-12-09 CVE-2020-17529 Apache Out-of-bounds Write vulnerability in Apache Nuttx

Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows an attacker to corrupt memory by supplying an invalid fragmentation offset value specified in the IP header.

9.8
2020-12-08 CVE-2020-28274 Deepref Project Unspecified vulnerability in Deepref Project Deepref

Prototype pollution vulnerability in 'deepref' versions 1.1.1 through 1.2.1 allows attacker to cause a denial of service and may lead to remote code execution.

9.8
2020-12-08 CVE-2020-17531 Apache Deserialization of Untrusted Data vulnerability in Apache Tapestry

A Java Serialization vulnerability was found in Apache Tapestry 4.

9.8
2020-12-07 CVE-2020-29600 Awstats, Debian, Fedoraproject Path Traversal vulnerability in multiple products

In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format.

9.8
2020-12-10 CVE-2020-16608 Notable Cross-site Scripting vulnerability in Notable 1.8.4

Notable 1.8.4 allows XSS via crafted Markdown text, with resultant remote code execution (because nodeIntegration in webPreferences is true).

9.3
2020-12-09 CVE-2020-26970 Mozilla Out-of-bounds Write vulnerability in Mozilla Thunderbird

When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte.

9.3
2020-12-09 CVE-2020-26969 Mozilla Out-of-bounds Write vulnerability in Mozilla Firefox

Mozilla developers reported memory safety bugs present in Firefox 82.

9.3
2020-12-09 CVE-2020-26968 Mozilla Out-of-bounds Write vulnerability in Mozilla Firefox

Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4.

9.3
2020-12-09 CVE-2020-26960 Mozilla Use After Free vulnerability in Mozilla Firefox

If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash.

9.3
2020-12-09 CVE-2020-26952 Mozilla Out-of-bounds Write vulnerability in Mozilla Firefox

Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors.

9.3
2020-12-09 CVE-2020-26950 Mozilla Use After Free vulnerability in Mozilla Firefox

In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition.

9.3
2020-12-08 CVE-2020-27932 Apple Type Confusion vulnerability in Apple products

A type confusion issue was addressed with improved state handling.

9.3
2020-12-08 CVE-2020-27926 Apple Use After Free vulnerability in Apple Ipados and Iphone OS

A use after free issue was addressed with improved memory management.

9.3
2020-12-08 CVE-2020-27917 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

9.3
2020-12-08 CVE-2020-27916 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write was addressed with improved input validation.

9.3
2020-12-08 CVE-2020-27912 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write was addressed with improved input validation.

9.3
2020-12-08 CVE-2020-27911 Apple Integer Overflow or Wraparound vulnerability in Apple products

An integer overflow was addressed through improved input validation.

9.3
2020-12-08 CVE-2020-27910 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

9.3
2020-12-08 CVE-2020-27906 Apple Integer Overflow or Wraparound vulnerability in Apple Macos 10.15.7/11.0

Multiple integer overflows were addressed with improved input validation.

9.3
2020-12-08 CVE-2020-27905 Apple Unspecified vulnerability in Apple products

A memory corruption issue was addressed with improved state management.

9.3
2020-12-08 CVE-2020-27904 Apple Unspecified vulnerability in Apple Macos 11.0

A logic issue existed resulting in memory corruption.

9.3
2020-12-08 CVE-2020-27903 Apple Improper Privilege Management vulnerability in Apple Macos 11.0

This issue was addressed by removing the vulnerable code.

9.3
2020-12-08 CVE-2020-9965 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

9.3
2020-12-08 CVE-2020-9949 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

9.3
2020-12-08 CVE-2020-10016 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved state management.

9.3
2020-12-08 CVE-2020-10013 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved state management.

9.3
2020-12-11 CVE-2020-24383 Butok Out-of-bounds Read vulnerability in Butok Fnet

An issue was discovered in FNET through 4.6.4.

9.1
2020-12-11 CVE-2020-17467 Butok Out-of-bounds Read vulnerability in Butok Fnet

An issue was discovered in FNET through 4.6.4.

9.1
2020-12-10 CVE-2020-17142 Microsoft Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019

Microsoft Exchange Remote Code Execution Vulnerability

9.1
2020-12-10 CVE-2020-17132 Microsoft Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019

Microsoft Exchange Remote Code Execution Vulnerability

9.1
2020-12-09 CVE-2020-17528 Apache Out-of-bounds Write vulnerability in Apache Nuttx

Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows an attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets, including beyond the length of the packet.

9.1
2020-12-11 CVE-2020-4633 IBM Improper Input Validation vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0

IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation.

9.0
2020-12-11 CVE-2020-24637 Arubanetworks Unspecified vulnerability in Arubanetworks Arubaos

Two vulnerabilities in the ArubaOS GRUB2 implementation allow an attacker to bypass Secure Boot.

9.0
2020-12-10 CVE-2020-24445 Adobe Cross-site Scripting vulnerability in Adobe products

AEM's Cloud Service offering, as well as version 6.5.6.0 (and below), are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.

9.0
2020-12-10 CVE-2020-12594 Broadcom Improper Privilege Management vulnerability in Broadcom Symantec Messaging Gateway

A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance.

9.0
2020-12-09 CVE-2020-25499 Totolink Command Injection vulnerability in Totolink products

TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'.

9.0
2020-12-09 CVE-2020-26838 SAP OS Command Injection vulnerability in SAP Business Warehouse and Bw/4Hana

SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction.

9.0
2020-12-09 CVE-2020-26829 SAP Improper Authentication vulnerability in SAP Netweaver Application Server Java

SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes that are outside the cluster and even outside the network segment dedicated for the internal cluster communication, because of a missing authentication check.

9.0
2020-12-07 CVE-2020-27151 Katacontainers Unspecified vulnerability in Katacontainers Kata Containers

An issue was discovered in Kata Containers through 1.11.3 and 2.x through 2.0-rc1.

9.0

104 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-10 CVE-2020-17158 Microsoft Unspecified vulnerability in Microsoft Dynamics 365

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

8.8
2020-12-10 CVE-2020-17152 Microsoft Unspecified vulnerability in Microsoft Dynamics 365

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

8.8
2020-12-10 CVE-2020-17143 Microsoft Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019

Microsoft Exchange Server Information Disclosure Vulnerability

8.8
2020-12-10 CVE-2020-17121 Microsoft Unspecified vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Microsoft SharePoint Remote Code Execution Vulnerability

8.8
2020-12-08 CVE-2020-25629 Moodle Missing Authorization vulnerability in Moodle

A vulnerability was found in Moodle where users with "Log in as" capability in a course context (typically, course managers) may gain access to some site administration capabilities by "logging in as" a System manager.

8.8
2020-12-10 CVE-2020-17147 Microsoft Cross-site Scripting vulnerability in Microsoft Dynamics 365 8.2/9.0

Dynamics CRM Webclient Cross-site Scripting Vulnerability

8.7
2020-12-10 CVE-2020-17095 Microsoft Unspecified vulnerability in Microsoft products

Windows Hyper-V Remote Code Execution Vulnerability

8.5
2020-12-10 CVE-2020-17144 Microsoft Deserialization of Untrusted Data vulnerability in Microsoft Exchange Server 2010

Microsoft Exchange Remote Code Execution Vulnerability

8.4
2020-12-10 CVE-2020-17141 Microsoft Unspecified vulnerability in Microsoft Exchange Server 2016/2019

Microsoft Exchange Remote Code Execution Vulnerability

8.4
2020-12-10 CVE-2020-17140 Microsoft Unspecified vulnerability in Microsoft products

Windows SMB Information Disclosure Vulnerability

8.1
2020-12-10 CVE-2020-17118 Microsoft Unspecified vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Microsoft SharePoint Remote Code Execution Vulnerability

8.1
2020-12-10 CVE-2020-17115 Microsoft Unspecified vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Microsoft SharePoint Server Spoofing Vulnerability

8.0
2020-12-11 CVE-2020-27786 Linux, Redhat, Netapp Use After Free vulnerability in multiple products

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue.

7.8
2020-12-11 CVE-2020-27828 Jasper Project, Fedoraproject Improper Input Validation vulnerability in multiple products

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23.

7.8
2020-12-11 CVE-2020-25191 NI Incorrect Permission Assignment for Critical Resource vulnerability in NI Compactrio Firmware

Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the CompactRIO (Driver versions prior to 20.5) remotely.

7.8
2020-12-10 CVE-2020-17159 Microsoft Unspecified vulnerability in Microsoft Visual Studio Code

Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability

7.8
2020-12-10 CVE-2020-17156 Microsoft Unspecified vulnerability in Microsoft Visual Studio 2017

Visual Studio Remote Code Execution Vulnerability

7.8
2020-12-10 CVE-2020-17150 Microsoft Unspecified vulnerability in Microsoft Visual Studio Code

Visual Studio Code Remote Code Execution Vulnerability

7.8
2020-12-10 CVE-2020-17148 Microsoft Unspecified vulnerability in Microsoft Visual Studio Code

Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability

7.8
2020-12-10 CVE-2020-17139 Microsoft Unspecified vulnerability in Microsoft products

Windows Overlay Filter Security Feature Bypass Vulnerability

7.8
2020-12-10 CVE-2020-17137 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

DirectX Graphics Kernel Elevation of Privilege Vulnerability

7.8
2020-12-10 CVE-2020-17136 Microsoft Unspecified vulnerability in Microsoft products

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

7.8
2020-12-10 CVE-2020-17134 Microsoft Unspecified vulnerability in Microsoft products

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

7.8
2020-12-10 CVE-2020-17129 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Excel Remote Code Execution Vulnerability

7.8
2020-12-10 CVE-2020-17128 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Excel Remote Code Execution Vulnerability

7.8
2020-12-10 CVE-2020-17127 Microsoft Unspecified vulnerability in Microsoft Excel 2010

Microsoft Excel Remote Code Execution Vulnerability

7.8
2020-12-10 CVE-2020-17125 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Excel Remote Code Execution Vulnerability

7.8
2020-12-10 CVE-2020-17124 Microsoft Unspecified vulnerability in Microsoft 365 Apps, Office and Powerpoint

Microsoft PowerPoint Remote Code Execution Vulnerability

7.8
2020-12-10 CVE-2020-17123 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Excel Remote Code Execution Vulnerability

7.8
2020-12-10 CVE-2020-17122 Microsoft Unspecified vulnerability in Microsoft Office, Office web Apps and Sharepoint Server

Microsoft Excel Remote Code Execution Vulnerability

7.8
2020-12-10 CVE-2020-17092 Microsoft Unspecified vulnerability in Microsoft products

Windows Network Connections Service Elevation of Privilege Vulnerability

7.8
2020-12-10 CVE-2020-16964 Microsoft Unspecified vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability

7.8
2020-12-10 CVE-2020-16963 Microsoft Unspecified vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability

7.8
2020-12-10 CVE-2020-16962 Microsoft Unspecified vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability

7.8
2020-12-10 CVE-2020-16961 Microsoft Unspecified vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability

7.8
2020-12-10 CVE-2020-16960 Microsoft Unspecified vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability

7.8
2020-12-10 CVE-2020-16959 Microsoft Unspecified vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability

7.8
2020-12-10 CVE-2020-16958 Microsoft Unspecified vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability

7.8
2020-12-09 CVE-2020-16600 Artifex Use After Free vulnerability in Artifex Mupdf

A Use After Free vulnerability exists in Artifex Software, Inc.

7.8
2020-12-09 CVE-2020-29661 Linux, Fedoraproject, Debian, Netapp, Broadcom, Oracle Improper Locking vulnerability in multiple products

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13.

7.8
2020-12-08 CVE-2020-27918 Apple, Fedoraproject, Debian, Webkitgtk Use After Free vulnerability in multiple products

A use after free issue was addressed with improved memory management.

7.8
2020-12-08 CVE-2020-27909 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

7.8
2020-12-08 CVE-2020-10017 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write was addressed with improved input validation.

7.8
2020-12-08 CVE-2020-9996 Apple Use After Free vulnerability in Apple Iphone OS

A use after free issue was addressed with improved memory management.

7.8
2020-12-08 CVE-2020-9981 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

7.8
2020-12-08 CVE-2020-9966 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

7.8
2020-12-08 CVE-2020-10011 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved bounds checking.

7.8
2020-12-08 CVE-2020-10010 Apple Path Traversal vulnerability in Apple products

A path handling issue was addressed with improved validation.

7.8
2020-12-08 CVE-2020-10004 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved state management.

7.8
2020-12-08 CVE-2020-10003 Apple Link Following vulnerability in Apple products

An issue existed within the path validation logic for symlinks.

7.8
2020-12-07 CVE-2020-29599 Imagemagick, Debian XML Injection (aka Blind XPath Injection) vulnerability in multiple products

ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files.

7.8
2020-12-07 CVE-2020-5798 Druva Improper Validation of Integrity Check Value vulnerability in Druva Insync 6.8.0

inSync Client installer for macOS versions v6.8.0 and prior could allow an attacker to gain privileges of a root user from a lower privileged user due to improper integrity checks and directory permissions.

7.8
2020-12-09 CVE-2020-26832 SAP Missing Authorization vulnerability in SAP Netweaver Application Server Abap and S/4 Hana

SAP AS ABAP (SAP Landscape Transformation), versions - 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2011_1_752, 2020 and SAP S4 HANA (SAP Landscape Transformation), versions - 101, 102, 103, 104, 105, allows a high privileged user to execute an RFC function module to which access should be restricted; however, due to missing authorization, an attacker can get access to some sensitive internal information of the vulnerable SAP system or make vulnerable SAP systems completely unavailable.

7.6
2020-12-12 CVE-2020-29563 Westerndigital Improper Authentication vulnerability in Westerndigital MY Cloud OS 5

An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118.

7.5
2020-12-11 CVE-2020-25112 Contiki OS Out-of-bounds Write vulnerability in Contiki-Os 3.0

An issue was discovered in the IPv6 stack in Contiki through 3.0.

7.5
2020-12-11 CVE-2020-25111 Contiki OS Out-of-bounds Write vulnerability in Contiki-Os 3.0

An issue was discovered in the IPv6 stack in Contiki through 3.0.

7.5
2020-12-11 CVE-2020-25110 Ethernut Out-of-bounds Read vulnerability in Ethernut Nut/Os 5.1

An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1.

7.5
2020-12-11 CVE-2020-25109 Ethernut Out-of-bounds Read vulnerability in Ethernut Nut/Os 5.1

An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1.

7.5
2020-12-11 CVE-2020-25108 Ethernut Out-of-bounds Write vulnerability in Ethernut Nut/Os 5.1

An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1.

7.5
2020-12-11 CVE-2020-25107 Ethernut Out-of-bounds Read vulnerability in Ethernut Nut/Os 5.1

An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1.

7.5
2020-12-11 CVE-2020-24338 Altran Out-of-bounds Write vulnerability in Altran Picotcp

An issue was discovered in picoTCP through 1.7.0.

7.5
2020-12-11 CVE-2020-24336 Contiki NG, Contiki OS Classic Buffer Overflow vulnerability in multiple products

An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5.

7.5
2020-12-11 CVE-2020-17469 Butok Access of Uninitialized Pointer vulnerability in Butok Fnet

An issue was discovered in FNET through 4.6.4.

7.5
2020-12-11 CVE-2020-17468 Butok Out-of-bounds Read vulnerability in Butok Fnet

An issue was discovered in FNET through 4.6.4.

7.5
2020-12-11 CVE-2020-17439 UIP Project Improper Input Validation vulnerability in UIP Project UIP 1.0

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products.

7.5
2020-12-11 CVE-2020-17438 UIP Project Out-of-bounds Write vulnerability in UIP Project UIP 1.0

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products.

7.5
2020-12-11 CVE-2020-27730 F5, Netapp Path Traversal vulnerability in multiple products

In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities.

7.5
2020-12-11 CVE-2020-19165 Phpshe SQL Injection vulnerability in PHPshe 1.7

PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevel_id=1 userlevel_id[] parameter.

7.5
2020-12-11 CVE-2020-7791 I18N Project Unspecified vulnerability in I18N Project I18N 2.1.1.0

This affects the package i18n before 2.1.15.

7.5
2020-12-11 CVE-2020-29574 Sophos SQL Injection vulnerability in Sophos Cyberoamos

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely.

7.5
2020-12-11 CVE-2020-28440 Corenlp JS Interface Project Command Injection vulnerability in Corenlp-Js-Interface Project Corenlp-Js-Interface

All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function.

7.5
2020-12-11 CVE-2020-28439 Corenlp JS Prefab Project Command Injection vulnerability in Corenlp-Js-Prefab Project Corenlp-Js-Prefab

This affects all versions of package corenlp-js-prefab.

7.5
2020-12-11 CVE-2020-7792 Moutjs Unspecified vulnerability in Moutjs Mout

This affects all versions of package mout.

7.5
2020-12-11 CVE-2020-13556 Opener Project Out-of-bounds Write vulnerability in Opener Project Opener 2.3

An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3.

7.5
2020-12-11 CVE-2020-17530 Apache, Oracle Expression Language Injection vulnerability in multiple products

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.

7.5
2020-12-11 CVE-2020-7543 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.

7.5
2020-12-11 CVE-2020-7542 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.

7.5
2020-12-11 CVE-2020-7539 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause a denial of service vulnerability when a specially crafted packet is sent to the controller over HTTP.

7.5
2020-12-11 CVE-2020-7537 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.

7.5
2020-12-11 CVE-2020-7536 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30), Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4, BMXNOE0110 (H) versions prior to V6.6, BMXNOR0200H all versions), that could cause the device to be unreachable when modifying network parameters over SNMP.

7.5
2020-12-11 CVE-2020-7535 Schneider Electric Path Traversal vulnerability in Schneider-Electric products

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP.

7.5
2020-12-11 CVE-2020-28215 Schneider Electric Missing Authorization vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7

A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of problems, including information exposures, denial of service, and arbitrary code execution when access control checks are not applied consistently.

7.5
2020-12-10 CVE-2019-7198 Qnap Command Injection vulnerability in Qnap QTS and Quts Hero

This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application.

7.5
2020-12-10 CVE-2020-12516 Wago Unspecified vulnerability in Wago products

Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable to a special denial of service attack.

7.5
2020-12-10 CVE-2020-17096 Microsoft Unspecified vulnerability in Microsoft products

Windows NTFS Remote Code Execution Vulnerability

7.5
2020-12-09 CVE-2020-29651 Pytest, Fedoraproject, Oracle

A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality.

7.5
2020-12-08 CVE-2020-9991 Apple Unspecified vulnerability in Apple products

This issue was addressed with improved checks.

7.5
2020-12-08 CVE-2020-25889 Online BUS Booking System Project SQL Injection vulnerability in Online BUS Booking System Project Online BUS Booking System 1.0

Online Bus Booking System Project Using PHP/MySQL version 1.0 has SQL injection via the login page.

7.5
2020-12-08 CVE-2020-25692 Openldap, Redhat, Netapp NULL Pointer Dereference vulnerability in multiple products

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs.

7.5
2020-12-07 CVE-2020-29597 Incomcms Project Unrestricted Upload of File with Dangerous Type vulnerability in Incomcms Project Incomcms 2.0

IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability.

7.5
2020-12-07 CVE-2020-29595 Acdsee Unspecified vulnerability in Acdsee Photo Studio 2021 14.0

PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Professional 2021 14.0 Build 1705 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000031aa.

7.5
2020-12-07 CVE-2020-5800 EAT Spray Love Project Improper Authentication vulnerability in EAT Spray Love Project EAT Spray Love 2.0.20

The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access to.

7.5
2020-12-07 CVE-2020-5799 EAT Spray Love Project Unspecified vulnerability in EAT Spray Love Project EAT Spray Love 2.0.20

The Eat Spray Love mobile app for both iOS and Android contains a backdoor account that, when modified, allowed privileged access to restricted functionality and to other users' data.

7.5
2020-12-10 CVE-2020-17002 Microsoft Unspecified vulnerability in Microsoft C SDK for Azure IOT

Azure SDK for C Security Feature Bypass Vulnerability

7.4
2020-12-10 CVE-2020-16971 Microsoft Unspecified vulnerability in Microsoft Azure SDK for Java

Azure SDK for Java Security Feature Bypass Vulnerability

7.4
2020-12-10 CVE-2020-4829 IBM Unspecified vulnerability in IBM AIX and Vios

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the ksu user command to gain root privileges.

7.2
2020-12-09 CVE-2020-10143 Macrium Improper Initialization vulnerability in Macrium Reflect

Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl\.

7.2
2020-12-09 CVE-2020-2049 Paloaltonetworks Uncontrolled Search Path Element vulnerability in Paloaltonetworks Cortex XDR Agent 7.1/7.1.2/7.2

A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM privileges.

7.2
2020-12-09 CVE-2020-27614 Anydesk Improper Privilege Management vulnerability in Anydesk

AnyDesk for macOS versions 6.0.2 and older have a vulnerability in the XPC interface that does not properly validate client requests and allows local privilege escalation.

7.2
2020-12-10 CVE-2020-17089 Microsoft Unspecified vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Microsoft SharePoint Elevation of Privilege Vulnerability

7.1
2020-12-08 CVE-2020-27752 Imagemagick Heap-based Buffer Overflow vulnerability in Imagemagick

A flaw was found in ImageMagick in MagickCore/quantum-private.h.

7.1
2020-12-08 CVE-2020-27950 Apple Improper Initialization vulnerability in Apple products

A memory initialization issue was addressed.

7.1
2020-12-08 CVE-2020-27822 Redhat Memory Leak vulnerability in Redhat Wildfly

A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final.

7.1
2020-12-10 CVE-2020-17103 Microsoft Unspecified vulnerability in Microsoft products

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

7.0

212 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-12 CVE-2020-29654 Westerndigital Uncontrolled Search Path Element vulnerability in Westerndigital Dashboard

Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking that leads to compromise of the SYSTEM account.

6.9
2020-12-11 CVE-2020-5948 F5 Cross-site Scripting vulnerability in F5 products

On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.

6.8
2020-12-11 CVE-2020-29254 Tiki Cross-Site Request Forgery (CSRF) vulnerability in Tiki Tikiwiki Cms/Groupware 21.2

TikiWiki 21.2 allows templates to be edited without CSRF protection.

6.8
2020-12-11 CVE-2020-12149 Arubanetworks OS Command Injection vulnerability in Arubanetworks Edgeconnect Enterprise

The configuration backup/restore function in Silver Peak Unity ECOS™ (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input.

6.8
2020-12-11 CVE-2020-12148 Arubanetworks OS Command Injection vulnerability in Arubanetworks Edgeconnect Enterprise

A command injection flaw identified in the nslookup API in Silver Peak Unity ECOS™ (ECOS) appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance.

6.8
2020-12-11 CVE-2020-7789 Node Notifier Project OS Command Injection vulnerability in Node-Notifier Project Node-Notifier

This affects the package node-notifier before 9.0.0.

6.8
2020-12-11 CVE-2020-35135 Infolific Cross-Site Request Forgery (CSRF) vulnerability in Infolific Ultimate Category Excluder

The ultimate-category-excluder plugin before 1.2 for WordPress allows ultimate-category-excluder.php CSRF.

6.8
2020-12-11 CVE-2020-13520 Pixar, Apple Out-of-bounds Write vulnerability in multiple products

An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files.

6.8
2020-12-11 CVE-2020-7560 Schneider Electric Write-what-where Condition vulnerability in Schneider-Electric Ecostruxure Control Expert and Unity PRO

A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of EcoStruxure™ Control Expert) (all versions), that could cause a crash of the software or unexpected code execution when opening a malicious file in EcoStruxure™ Control Expert software.

6.8
2020-12-10 CVE-2020-17099 Microsoft Unspecified vulnerability in Microsoft products

Windows Lock Screen Security Feature Bypass Vulnerability

6.8
2020-12-09 CVE-2020-25199 WE CON Out-of-bounds Write vulnerability in We-Con Levistudiou

A heap-based buffer overflow vulnerability exists within the WECON LeviStudioU Release Build 2019-09-21 and prior when processing project files.

6.8
2020-12-09 CVE-2020-26959 Mozilla Use After Free vulnerability in Mozilla Firefox

During browser shutdown, reference decrementing could have occurred on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash.

6.8
2020-12-08 CVE-2020-27930 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved input validation.

6.8
2020-12-08 CVE-2020-27927 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

6.8
2020-12-08 CVE-2020-9999 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

A memory corruption issue was addressed with improved state management.

6.8
2020-12-08 CVE-2020-9972 Apple Classic Buffer Overflow vulnerability in Apple products

A buffer overflow issue was addressed with improved memory handling.

6.8
2020-12-08 CVE-2020-9954 Apple Classic Buffer Overflow vulnerability in Apple products

A buffer overflow issue was addressed with improved memory handling.

6.8
2020-12-08 CVE-2020-9950 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

6.8
2020-12-08 CVE-2020-9947 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

6.8
2020-12-07 CVE-2020-9247 Huawei Classic Buffer Overflow vulnerability in Huawei products

There is a buffer overflow vulnerability in several Huawei products.

6.8
2020-12-09 CVE-2020-7337 Mcafee Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee Virusscan Enterprise

Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks.

6.7
2020-12-10 CVE-2020-17117 Microsoft Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019

Microsoft Exchange Remote Code Execution Vulnerability

6.6
2020-12-11 CVE-2020-9301 Linuxfoundation Deserialization of Untrusted Data vulnerability in Linuxfoundation Spinnaker

Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all versions prior to version 1.23.4, 1.22.4 or 1.21.5.

6.5
2020-12-11 CVE-2020-25838 Microfocus Unspecified vulnerability in Microfocus Filr

Unauthorized disclosure of sensitive information vulnerability in Micro Focus Filr product.

6.5
2020-12-10 CVE-2020-25967 Fastadmin Code Injection vulnerability in Fastadmin 1.0.0.20200506

The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability.

6.5
2020-12-10 CVE-2020-13526 Processmaker SQL Injection vulnerability in Processmaker 3.4.11

SQL injection vulnerability exists in the handling of sort parameters in ProcessMaker 3.4.11.

6.5
2020-12-10 CVE-2020-17133 Microsoft Unspecified vulnerability in Microsoft Dynamics NAV 2015

Microsoft Dynamics Business Central/NAV Information Disclosure

6.5
2020-12-10 CVE-2020-17130 Microsoft Unspecified vulnerability in Microsoft 365 Apps and Excel

Microsoft Excel Security Feature Bypass Vulnerability

6.5
2020-12-10 CVE-2020-17119 Microsoft Unspecified vulnerability in Microsoft 365 Apps, Office and Outlook

Microsoft Outlook Information Disclosure Vulnerability

6.5
2020-12-10 CVE-2020-16996 Microsoft Unspecified vulnerability in Microsoft products

Kerberos Security Feature Bypass Vulnerability

6.5
2020-12-09 CVE-2020-26257 Matrix, Fedoraproject Resource Exhaustion vulnerability in multiple products

Matrix is an ecosystem for open federated Instant Messaging and VoIP.

6.5
2020-12-09 CVE-2020-26837 SAP Path Traversal vulnerability in SAP Solution Manager 7.20

SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise integrity allowing the modification of some configurations and partially compromise availability by making certain services unavailable.

6.5
2020-12-09 CVE-2020-23520 Txjia Unrestricted Upload of File with Dangerous Type vulnerability in Txjia Imcat 5.2

imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality.

6.5
2020-12-08 CVE-2020-26256 C2Fo Resource Exhaustion vulnerability in C2Fo Fast-Csv

Fast-csv is an npm package for parsing and formatting CSVs or any other delimited value file in node.

6.5
2020-12-08 CVE-2020-9849 Apple Information Exposure vulnerability in Apple products

An information disclosure issue was addressed with improved state management.

6.5
2020-12-08 CVE-2020-26255 Getkirby Unrestricted Upload of File with Dangerous Type vulnerability in Getkirby Kirby

Kirby is a CMS.

6.5
2020-12-07 CVE-2020-26122 Inspur Improper Verification of Cryptographic Signature vulnerability in Inspur products

Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges.

6.5
2020-12-11 CVE-2020-24341 Altran Out-of-bounds Read vulnerability in Altran Picotcp and Picotcp-Ng

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0.

6.4
2020-12-11 CVE-2020-24334 UIP Project Out-of-bounds Read vulnerability in UIP Project UIP

The code that processes DNS responses in uIP through 1.0, as used in Contiki and Contiki-NG, does not check whether the number of responses specified in the DNS packet header corresponds to the response data available in the DNS packet, leading to an out-of-bounds read and Denial-of-Service in resolv.c.

6.4
2020-12-11 CVE-2020-17441 Altran, Microchip Out-of-bounds Read vulnerability in multiple products

An issue was discovered in picoTCP 1.7.0.

6.4
2020-12-11 CVE-2020-17437 UIP Project, Open Iscsi Project, Siemens Out-of-bounds Write vulnerability in multiple products

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products.

6.4
2020-12-10 CVE-2020-17135 Microsoft Unspecified vulnerability in Microsoft Azure Devops Server 2019/2019.0.1

Azure DevOps Server Spoofing Vulnerability

6.4
2020-12-09 CVE-2020-7776 Phpoffice Cross-site Scripting vulnerability in PHPoffice PHPspreadsheet

This affects the package phpoffice/phpspreadsheet from 0.0.0.

6.4
2020-12-09 CVE-2020-29657 Jerryscript Out-of-bounds Read vulnerability in Jerryscript 2.3.0

In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file.

6.4
2020-12-10 CVE-2020-7339 Mcafee Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mcafee Database Security 4.6.6

Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors.

6.3
2020-12-08 CVE-2020-10014 Apple Path Traversal vulnerability in Apple mac OS X and Macos

A parsing issue in the handling of directory paths was addressed with improved path validation.

6.3
2020-12-11 CVE-2020-17515 Apache Cross-site Scripting vulnerability in Apache Airflow

The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to an XSS exploit.

6.1
2020-12-10 CVE-2020-2498 Qnap Cross-site Scripting vulnerability in Qnap QTS and Quts Hero

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration.

6.1
2020-12-10 CVE-2020-2494 Qnap Cross-site Scripting vulnerability in Qnap Music Station

This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code.

6.1
2020-12-09 CVE-2020-26835 SAP Cross-site Scripting vulnerability in SAP Netweaver Application Server Abap

SAP NetWeaver AS ABAP, versions - 740, 750, 751, 752, 753, 754, does not sufficiently encode URLs, which allows an attacker to input malicious JavaScript in the URL that could be executed in the browser, resulting in a Reflected Cross-Site Scripting (XSS) vulnerability.

6.1
2020-12-08 CVE-2020-25664 Imagemagick, Fedoraproject Heap-based Buffer Overflow vulnerability in multiple products

In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called.

6.1
2020-12-08 CVE-2020-10012 Apple Cross-site Scripting vulnerability in Apple mac OS X and Macos

An access issue was addressed with improved access restrictions.

6.1
2020-12-08 CVE-2020-27821 Qemu, Debian Out-of-bounds Write vulnerability in multiple products

A flaw was found in the memory management API of QEMU during the initialization of a memory region cache.

6.0
2020-12-08 CVE-2020-1971 Openssl, Debian, Fedoraproject, Oracle, Netapp, Tenable, Siemens, Nodejs NULL Pointer Dereference vulnerability in multiple products

The X.509 GeneralName type is a generic type for representing different types of names.

5.9
2020-12-09 CVE-2020-26836 SAP Open Redirect vulnerability in SAP Solution Manager 7.20

SAP Solution Manager (Trace Analysis), version - 720, allows misuse of a parameter in the application URL, leading to an Open Redirect vulnerability. An attacker can enter a link to a malicious site as a parameter in the application URL and share it with an end user, who could be tricked into entering credentials or downloading malicious software and so become a victim of the attack.

5.8
2020-12-12 CVE-2020-35208 Logmein Improper Authentication vulnerability in Logmein Lastpass 4.8.11.2403

An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS.

5.7
2020-12-12 CVE-2020-35207 Logmein Improper Authentication vulnerability in Logmein Lastpass 4.8.11.2403

An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS.

5.7
2020-12-11 CVE-2020-27825 Linux, Redhat, Debian, Netapp Race Condition vulnerability in multiple products

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1).

5.7
2020-12-10 CVE-2020-27350 Debian, Netapp Integer Overflow or Wraparound vulnerability in multiple products

APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc.

5.7
2020-12-10 CVE-2020-17138 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

Windows Error Reporting Information Disclosure Vulnerability

5.5
2020-12-10 CVE-2020-17126 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Excel Information Disclosure Vulnerability

5.5
2020-12-10 CVE-2020-17098 Microsoft Unspecified vulnerability in Microsoft products

Windows GDI+ Information Disclosure Vulnerability

5.5
2020-12-10 CVE-2020-17094 Microsoft Unspecified vulnerability in Microsoft products

Windows Error Reporting Information Disclosure Vulnerability

5.5
2020-12-09 CVE-2020-16599 GNU, Netapp NULL Pointer Dereference vulnerability in multiple products

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

5.5
2020-12-09 CVE-2020-16593 GNU, Netapp NULL Pointer Dereference vulnerability in multiple products

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file.

5.5
2020-12-09 CVE-2020-16592 GNU, Netapp, Fedoraproject Use After Free vulnerability in multiple products

A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

5.5
2020-12-09 CVE-2020-16591 GNU, Netapp Out-of-bounds Read vulnerability in multiple products

A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readelf.

5.5
2020-12-09 CVE-2020-16590 GNU, Netapp Double Free vulnerability in multiple products

A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbfd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.

5.5
2020-12-09 CVE-2020-16589 Openexr, Debian Out-of-bounds Write vulnerability in multiple products

A heap-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file.

5.5
2020-12-09 CVE-2020-16588 Openexr, Debian NULL Pointer Dereference vulnerability in multiple products

A Null Pointer Dereference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.

5.5
2020-12-09 CVE-2020-16587 Openexr, Debian Out-of-bounds Write vulnerability in multiple products

A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.

5.5
2020-12-09 CVE-2020-26834 SAP Improper Authentication vulnerability in SAP Hana Database 2.00

SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication.

5.5
2020-12-09 CVE-2020-26831 SAP Unspecified vulnerability in SAP Businessobjects Business Intelligence Platform 4.1/4.2/4.3

SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, 4.3, does not sufficiently validate uploaded XML entities during crystal report generation due to missing XML validation. An attacker with basic privileges can inject some arbitrary XML entities leading to internal file disclosure, internal directories disclosure, Server-Side Request Forgery (SSRF) and denial-of-service (DoS).

5.5
2020-12-09 CVE-2020-26830 SAP Missing Authorization vulnerability in SAP Solution Manager 7.20

SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, does not perform necessary authorization checks for an authenticated user.

5.5
2020-12-09 CVE-2020-26828 SAP Unrestricted Upload of File with Dangerous Type vulnerability in SAP Disclosure Management 10.1

SAP Disclosure Management, version - 10.1, provides capabilities for authorized users to upload and download content of specific file type.

5.5
2020-12-09 CVE-2020-26260 Bookstackapp Injection vulnerability in Bookstackapp Bookstack

BookStack is a platform for storing and organising information and documentation.

5.5
2020-12-08 CVE-2020-27896 Apple Path Traversal vulnerability in Apple mac OS X and Macos

A path handling issue was addressed with improved validation.

5.5
2020-12-08 CVE-2020-27756 Imagemagick Divide By Zero vulnerability in Imagemagick

In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior.

5.5
2020-12-08 CVE-2020-27750 Imagemagick, Debian Divide By Zero vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h.

5.5
2020-12-08 CVE-2020-25676 Imagemagick, Debian Integer Overflow or Wraparound vulnerability in multiple products

In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor() function.

5.5
2020-12-08 CVE-2020-25674 Imagemagick, Debian Heap-based Buffer Overflow vulnerability in multiple products

WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow.

5.5
2020-12-08 CVE-2020-25667 Imagemagick Heap-based Buffer Overflow vulnerability in Imagemagick

TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick.

5.5
2020-12-08 CVE-2020-25665 Imagemagick, Debian Out-of-bounds Read vulnerability in multiple products

The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256.

5.5
2020-12-08 CVE-2020-9989 Apple Unspecified vulnerability in Apple products

The issue was addressed with improved deletion.

5.5
2020-12-08 CVE-2020-9988 Apple Unspecified vulnerability in Apple Iphone OS

The issue was addressed with improved deletion.

5.5
2020-12-08 CVE-2020-9977 Apple Improper Input Validation vulnerability in Apple mac OS X

A validation issue existed in the entitlement verification.

5.5
2020-12-08 CVE-2020-9974 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved state management.

5.5
2020-12-08 CVE-2020-9969 Apple Unspecified vulnerability in Apple products

An access issue was addressed with additional sandbox restrictions.

5.5
2020-12-08 CVE-2020-10009 Apple Unspecified vulnerability in Apple mac OS X

A logic issue was addressed with improved state management.

5.5
2020-12-08 CVE-2020-10007 Apple Unspecified vulnerability in Apple mac OS X

A logic issue was addressed with improved state management.

5.5
2020-12-08 CVE-2020-10006 Apple Unspecified vulnerability in Apple mac OS X

This issue was addressed with improved entitlements.

5.5
2020-12-08 CVE-2020-10002 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved state management.

5.5
2020-12-07 CVE-2020-28935 Nlnetlabs, Debian Link Following vulnerability in multiple products

NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack.

5.5
2020-12-07 CVE-2020-17521 Apache, Netapp, Oracle

Apache Groovy provides extension methods to aid with creating temporary directories.

5.5
2020-12-07 CVE-2020-26513 Intland XXE vulnerability in Intland Codebeamer 10.0.0/10.0.1/10.1.0

An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4.

5.5
2020-12-11 CVE-2020-35132 Phpldapadmin Project, Fedoraproject Cross-site Scripting vulnerability in multiple products

An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via get_request in lib/function.php.

5.4
2020-12-10 CVE-2020-17145 Microsoft Unspecified vulnerability in Microsoft Azure Devops Server and Team Foundation Server

Azure DevOps Server and Team Foundation Services Spoofing Vulnerability

5.4
2020-12-12 CVE-2020-35176 Awstats, Debian, Fedoraproject Path Traversal vulnerability in multiple products

In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/awstats.conf format.

5.3
2020-12-11 CVE-2020-17470 Butok Use of Insufficiently Random Values vulnerability in Butok Fnet

An issue was discovered in FNET through 4.6.4.

5.3
2020-12-11 CVE-2020-26421 Wireshark, Fedoraproject, Debian, Oracle Out-of-bounds Read vulnerability in multiple products

Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

5.3
2020-12-11 CVE-2020-26420 Wireshark, Fedoraproject, Oracle Memory Leak vulnerability in multiple products

Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

5.3
2020-12-11 CVE-2020-26419 Wireshark, Fedoraproject, Oracle Memory Leak vulnerability in multiple products

Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.

5.3
2020-12-11 CVE-2020-26418 Wireshark, Fedoraproject, Debian, Oracle Memory Leak vulnerability in multiple products

Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

5.3
2020-12-11 CVE-2020-7549 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP.

5.3
2020-12-11 CVE-2020-7541 Schneider Electric Forced Browsing vulnerability in Schneider-Electric products

A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending a specially crafted request to the controller over HTTP.

5.3
2020-12-10 CVE-2020-17120 Microsoft Unspecified vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Microsoft SharePoint Information Disclosure Vulnerability

5.3
2020-12-11 CVE-2020-28220 Schneider Electric Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Modicon M258 Firmware, Somachine and Somachine Motion

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion software (All versions), that could cause a buffer overflow when the length of a file transferred to the webserver is not verified.

5.2
2020-12-11 CVE-2020-35175 Frappe Improper Input Validation vulnerability in Frappe

Frappe Framework 12 and 13 does not properly validate the HTTP method for the frappe.client API.

5.0
2020-12-11 CVE-2020-24340 Altran Out-of-bounds Read vulnerability in Altran Picotcp and Picotcp-Ng

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0.

5.0
2020-12-11 CVE-2020-24339 Altran Out-of-bounds Read vulnerability in Altran Picotcp and Picotcp-Ng

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0.

5.0
2020-12-11 CVE-2020-24337 Altran Infinite Loop vulnerability in Altran Picotcp and Picotcp-Ng

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0.

5.0
2020-12-11 CVE-2020-17445 Altran Out-of-bounds Read vulnerability in Altran Picotcp

An issue was discovered in picoTCP 1.7.0.

5.0
2020-12-11 CVE-2020-17444 Altran Integer Overflow or Wraparound vulnerability in Altran Picotcp

An issue was discovered in picoTCP 1.7.0.

5.0
2020-12-11 CVE-2020-17443 Altran Integer Overflow or Wraparound vulnerability in Altran Picotcp

An issue was discovered in picoTCP 1.7.0.

5.0
2020-12-11 CVE-2020-17442 Altran Integer Overflow or Wraparound vulnerability in Altran Picotcp

An issue was discovered in picoTCP 1.7.0.

5.0
2020-12-11 CVE-2020-17440 UIP Project Unspecified vulnerability in UIP Project UIP 1.0

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products.

5.0
2020-12-11 CVE-2020-13988 Contiki NG Integer Overflow or Wraparound vulnerability in Contiki-Ng

An issue was discovered in Contiki through 3.0.

5.0
2020-12-11 CVE-2020-13987 UIP Project
Open Iscsi Project
Siemens
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in Contiki through 3.0.

5.0
2020-12-11 CVE-2020-13986 Contiki OS Infinite Loop vulnerability in Contiki-Os Contiki

An issue was discovered in Contiki through 3.0.

5.0
2020-12-11 CVE-2020-13985 Contiki OS Integer Overflow or Wraparound vulnerability in Contiki-Os Contiki

An issue was discovered in Contiki through 3.0.

5.0
2020-12-11 CVE-2020-13984 Contiki OS Infinite Loop vulnerability in Contiki-Os Contiki

An issue was discovered in Contiki through 3.0.

5.0
2020-12-11 CVE-2020-5950 F5 Resource Exhaustion vulnerability in F5 Big-Ip Advanced Firewall Manager

On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.

5.0
2020-12-11 CVE-2020-5949 F5 Unspecified vulnerability in F5 products

On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break.

5.0
2020-12-11 CVE-2020-35149 Mquery Project Unspecified vulnerability in Mquery Project Mquery

lib/utils.js in mquery before 3.2.3 allows a pollution attack because a special property (e.g., __proto__) can be copied during a merge or clone operation.

5.0
2020-12-11 CVE-2020-27713 F5 Memory Leak vulnerability in F5 Big-Ip Advanced Firewall Manager 13.1.3.4

In certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.

5.0
2020-12-11 CVE-2020-27508 Frappe Unspecified vulnerability in Frappe

In two-factor authentication, the system also sends the 2FA secret key in the response, which enables an intruder to breach the 2FA security.

5.0
2020-12-11 CVE-2020-7793 UA Parser JS Project
Siemens
The package ua-parser-js before 0.7.23 is vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).
5.0
2020-12-11 CVE-2020-7790 Spatie Path Traversal vulnerability in Spatie Browsershot

This affects the package spatie/browsershot from 0.0.0.

5.0
2020-12-11 CVE-2020-26417 Gitlab Information Exposure vulnerability in Gitlab

Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership.

5.0
2020-12-11 CVE-2020-26413 Gitlab Information Exposure vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2.

5.0
2020-12-11 CVE-2020-26408 Gitlab Information Exposure vulnerability in Gitlab

A limited information disclosure vulnerability exists in Gitlab CE/EE from >= 12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2 that allows an attacker to view limited information in a user's private profile.

5.0
2020-12-11 CVE-2020-13530 Opener Project Operation on a Resource after Expiration or Release vulnerability in Opener Project Opener 2.3

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3.

5.0
2020-12-11 CVE-2020-28217 Schneider Electric Missing Encryption of Sensitive Data vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.

5.0
2020-12-11 CVE-2020-28216 Schneider Electric Missing Encryption of Sensitive Data vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.

5.0
2020-12-10 CVE-2020-26269 Google Out-of-bounds Read vulnerability in Google Tensorflow 2.4.0

In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the directories.

5.0
2020-12-10 CVE-2020-29666 Lanatmservice Unspecified vulnerability in Lanatmservice M3 ATM Monitoring System 6.1.0

In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-listing vulnerability, a remote attacker can view log files, located in /websocket/logs/, that contain a user's cookie values and the predefined developer's cookie value.

5.0
2020-12-10 CVE-2020-24444 Adobe Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Forms Add-On 6.4.8.2/6.5.6.0

AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability.

5.0
2020-12-09 CVE-2020-28086 Zx2C4 Improper Authentication vulnerability in Zx2C4 Password-Store

pass through 1.7.3 has a possibility of using a password for an unintended resource.

5.0
2020-12-09 CVE-2020-7787 React Adal Project Improper Authentication vulnerability in React-Adal Project React-Adal

This affects all versions of package react-adal.

5.0
2020-12-09 CVE-2020-29656 Asus Information Exposure vulnerability in Asus Rt-Ac88U Firmware

An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108.

5.0
2020-12-09 CVE-2020-29655 Asus Injection vulnerability in Asus Rt-Ac88U Firmware

An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108.

5.0
2020-12-08 CVE-2020-28946 Plummac Insufficiently Protected Credentials vulnerability in Plummac Ik-401 Firmware

An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker (with network access to the device) to obtain the configuration file, including hashed credential data.

5.0
2020-12-08 CVE-2020-14207 Divebook Project SQL Injection vulnerability in Divebook Project Divebook 1.1.4

The DiveBook plugin 1.1.4 for WordPress was prone to a SQL injection within divelog.php, allowing unauthenticated users to retrieve data from the database via the divelog.php filter_diver parameter.

5.0
2020-12-08 CVE-2020-14205 Divebook Project Missing Authorization vulnerability in Divebook Project Divebook 1.1.4

The DiveBook plugin 1.1.4 for WordPress is prone to improper access control in the Log Dive form because it fails to perform authorization checks.

5.0
2020-12-08 CVE-2020-26254 Omniauth Apple Project Authentication Bypass by Spoofing vulnerability in Omniauth-Apple Project Omniauth-Apple

omniauth-apple is the OmniAuth strategy for "Sign In with Apple" (RubyGem omniauth-apple).

5.0
2020-12-08 CVE-2020-29540 Systransoft Resource Exhaustion vulnerability in Systransoft Pure Neural Server

API calls in the Translation API feature in Systran Pure Neural Server before 9.7.0 allow a threat actor to use the Systran Pure Neural Server as a Denial-of-Service proxy by sending a large amount of translation requests to a destination host on any given TCP port regardless of whether a web service is running on the destination port.

5.0
2020-12-08 CVE-2020-25630 Moodle Resource Exhaustion vulnerability in Moodle

A vulnerability was found in Moodle where the decompressed size of zip files was not checked against available user quota before unzipping them, which could lead to a denial of service risk.

5.0
2020-12-11 CVE-2020-35126 Typesettercms Cross-site Scripting vulnerability in Typesettercms Typesetter

Typesetter CMS 5.x through 5.1 allows admins to conduct Site Title persistent XSS attacks via an Admin/Configuration URI.

4.8
2020-12-11 CVE-2020-15375 Broadcom Improper Input Validation vulnerability in Broadcom Fabric Operating System

Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked.

4.6
2020-12-10 CVE-2020-26266 Google Use of Uninitialized Resource vulnerability in Google Tensorflow

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution.

4.6
2020-12-09 CVE-2020-29660 Linux
Fedoraproject
Debian
Netapp
Broadcom
Improper Locking vulnerability in multiple products

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13.

4.4
2020-12-12 CVE-2020-35200 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0

Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.jsp Reflective XSS.

4.3
2020-12-11 CVE-2020-29455 Smartystreets Cross-site Scripting vulnerability in Smartystreets Liveaddressplugin.Js 3.2

A cross-Site Scripting (XSS) vulnerability in this.showInvalid and this.showInvalidCountry in SmartyStreets liveAddressPlugin.js 3.2 allows remote attackers to inject arbitrary web script or HTML via any address parameter (e.g., street or country).

4.3
2020-12-11 CVE-2020-15023 Askey Use of Insufficiently Random Values vulnerability in Askey Ap5100W Firmware 1.01.097

Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute-force cracking.

4.3
2020-12-11 CVE-2020-28218 Schneider Electric Improper Restriction of Rendered UI Layers or Frames vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to trick a user into initiating an unintended action.

4.3
2020-12-10 CVE-2020-26267 Google Out-of-bounds Read vulnerability in Google Tensorflow

In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes.

4.3
2020-12-10 CVE-2020-2497 Qnap Cross-site Scripting vulnerability in Qnap QTS and Quts Hero

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in System Connection Logs.

4.3
2020-12-10 CVE-2020-2496 Qnap Cross-site Scripting vulnerability in Qnap QTS and Quts Hero

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station.

4.3
2020-12-10 CVE-2020-2495 Qnap Cross-site Scripting vulnerability in Qnap QTS and Quts Hero

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station.

4.3
2020-12-10 CVE-2020-2493 Qnap Cross-site Scripting vulnerability in Qnap Multimedia Console

This cross-site scripting vulnerability in Multimedia Console allows remote attackers to inject malicious code.

4.3
2020-12-10 CVE-2020-2491 Qnap Cross-site Scripting vulnerability in Qnap Photo Station

This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code.

4.3
2020-12-10 CVE-2020-17153 Microsoft Unspecified vulnerability in Microsoft Edge

Microsoft Edge for Android Spoofing Vulnerability

4.3
2020-12-09 CVE-2020-29258 Online Examination System Project Cross-site Scripting vulnerability in Online Examination System Project Online Examination System 1.0

Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the w parameter to index.php.

4.3
2020-12-09 CVE-2020-29257 Online Examination System Project Cross-site Scripting vulnerability in Online Examination System Project Online Examination System 1.0

Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the q parameter to feedback.php.

4.3
2020-12-09 CVE-2020-26967 Mozilla Unspecified vulnerability in Mozilla Firefox

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page.

4.3
2020-12-09 CVE-2020-26966 Mozilla Unspecified vulnerability in Mozilla Firefox

Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak.

4.3
2020-12-09 CVE-2020-26965 Mozilla Improper Cross-boundary Removal of Sensitive Data vulnerability in Mozilla Firefox

Some websites have a feature "Show Password" where clicking a button will change a password field into a text field, revealing the typed password.

4.3
2020-12-09 CVE-2020-26963 Mozilla Unspecified vulnerability in Mozilla Firefox

Repeated calls to the history and location interfaces could have been used to hang the browser.

4.3
2020-12-09 CVE-2020-26962 Mozilla Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated.

4.3
2020-12-09 CVE-2020-26961 Mozilla Unspecified vulnerability in Mozilla Firefox

When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver.

4.3
2020-12-09 CVE-2020-26958 Mozilla Cross-site Scripting vulnerability in Mozilla Firefox

Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker.

4.3
2020-12-09 CVE-2020-26957 Mozilla Improper Initialization vulnerability in Mozilla Firefox 80.0

OneCRL was non-functional in the new Firefox for Android due to a missing service initialization.

4.3
2020-12-09 CVE-2020-26956 Mozilla Cross-site Scripting vulnerability in Mozilla Firefox

In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS.

4.3
2020-12-09 CVE-2020-26955 Mozilla Reliance on Cookies without Validation and Integrity Checking vulnerability in Mozilla Firefox 80.0

When a user downloaded a file in Firefox for Android, if a cookie is set, it would have been re-sent during a subsequent file download operation on the same domain, regardless of whether the original and subsequent request were in private and non-private browsing modes.

4.3
2020-12-09 CVE-2020-26954 Mozilla Unspecified vulnerability in Mozilla Firefox 80.0

When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins.

4.3
2020-12-09 CVE-2020-26953 Mozilla Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox

It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user.

4.3
2020-12-09 CVE-2020-26951 Mozilla Cross-site Scripting vulnerability in Mozilla Firefox

A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization.

4.3
2020-12-09 CVE-2020-25627 Moodle Cross-site Scripting vulnerability in Moodle 3.9.0/3.9.1/3.9.2

The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk.

4.3
2020-12-08 CVE-2020-27755 Imagemagick Memory Leak vulnerability in Imagemagick

In SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size.

4.3
2020-12-08 CVE-2020-27753 Imagemagick Memory Leak vulnerability in Imagemagick

There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file.

4.3
2020-12-08 CVE-2020-27929 Apple Unspecified vulnerability in Apple Iphone OS

A logic issue existed in the handling of Group FaceTime calls.

4.3
2020-12-08 CVE-2020-27900 Apple Information Exposure vulnerability in Apple Macos 10.15.7/11.0

An issue existed in the handling of snapshots.

4.3
2020-12-08 CVE-2020-27898 Apple Unchecked Return Value vulnerability in Apple Macos 11.0

A denial of service issue was addressed with improved state handling.

4.3
2020-12-08 CVE-2020-27895 Apple Information Exposure vulnerability in Apple Itunes

An information disclosure issue existed in the transition of program state.

4.3
2020-12-08 CVE-2020-25663 Imagemagick Use After Free vulnerability in Imagemagick

A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called.

4.3
2020-12-08 CVE-2020-9993 Apple Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple products

The issue was addressed with improved UI handling.

4.3
2020-12-08 CVE-2020-9987 Apple Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Safari

An inconsistent user interface issue was addressed with improved state management.

4.3
2020-12-08 CVE-2020-9963 Apple Unspecified vulnerability in Apple Ipados and Iphone OS

The issue was addressed with improved handling of icon caches.

4.3
2020-12-08 CVE-2020-9945 Apple Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple mac OS X

A spoofing issue existed in the handling of URLs.

4.3
2020-12-08 CVE-2020-9944 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved bounds checking.

4.3
2020-12-08 CVE-2020-9943 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved bounds checking.

4.3
2020-12-08 CVE-2020-9942 Apple Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Safari

An inconsistent user interface issue was addressed with improved state management.

4.3
2020-12-08 CVE-2020-9922 Apple Unspecified vulnerability in Apple mac OS X

A logic issue was addressed with improved state management.

4.3
2020-12-08 CVE-2020-27894 Apple Unspecified vulnerability in Apple Macos 11.0/11.0.1

The issue was addressed with additional user controls.

4.3
2020-12-08 CVE-2020-14206 Divebook Project Cross-site Scripting vulnerability in Divebook Project Divebook 1.1.4

The DiveBook plugin 1.1.4 for WordPress is prone to unauthenticated XSS within the filter function (via an arbitrary parameter).

4.3
2020-12-08 CVE-2020-26253 Getkirby Origin Validation Error vulnerability in Getkirby Kirby

Kirby is a CMS.

4.3
2020-12-08 CVE-2020-25631 Moodle Cross-site Scripting vulnerability in Moodle

A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4 and 3.7 to 3.7.7 where it was possible to include JavaScript in a book's chapter title, which was not escaped on the "Add new chapter" page.

4.3
2020-12-08 CVE-2020-25628 Moodle Cross-site Scripting vulnerability in Moodle

The filter in the tag manager required extra sanitizing to prevent a reflected XSS risk.

4.3
2020-12-07 CVE-2020-28727 Seeddms Cross-site Scripting vulnerability in Seeddms 6.0.13

Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php.

4.3
2020-12-10 CVE-2020-17131 Microsoft Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge

Chakra Scripting Engine Memory Corruption Vulnerability

4.2
2020-12-11 CVE-2020-15376 Broadcom Unspecified vulnerability in Broadcom Fabric Operating System

Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode, contain a weakness in the ldap implementation that could allow a remote ldap user to log in to the Brocade Fibre Channel SAN switch with "user" privileges if it is not associated with any groups.

4.0
2020-12-11 CVE-2020-26264 Ethereum Resource Exhaustion vulnerability in Ethereum GO Ethereum

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.

4.0
2020-12-11 CVE-2020-26411 Gitlab Improper Resource Shutdown or Release vulnerability in Gitlab

A potential DOS vulnerability was discovered in all versions of Gitlab starting from 13.4.x (>=13.4 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2).

4.0
2020-12-11 CVE-2020-26415 Gitlab Information Exposure vulnerability in Gitlab

Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API.

4.0
2020-12-11 CVE-2020-26412 Gitlab Information Exposure vulnerability in Gitlab

Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2.

4.0
2020-12-11 CVE-2020-13357 Gitlab Authorization Bypass Through User-Controlled Key vulnerability in Gitlab

An issue was discovered in Gitlab CE/EE versions >= 13.1 to <13.4.7, >= 13.5 to <13.5.5, and >= 13.6 to <13.6.2 that allowed an unauthorized user to access the user list corresponding to a feature flag in a project.

4.0
2020-12-11 CVE-2020-26409 Gitlab Improper Input Validation vulnerability in Gitlab

A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7, >=13.5, <13.5.5, >=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields.

4.0
2020-12-10 CVE-2019-4738 IBM Cleartext Storage of Sensitive Information vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system.

4.0
2020-12-10 CVE-2020-12595 Broadcom Unspecified vulnerability in Broadcom Symantec Messaging Gateway

An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access.

4.0
2020-12-09 CVE-2020-26826 SAP Unrestricted Upload of File with Dangerous Type vulnerability in SAP Netweaver Application Server Java 7.31/7.40/7.50

Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload.

4.0
2020-12-09 CVE-2020-26964 Mozilla Unspecified vulnerability in Mozilla Firefox 80.0

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content.

4.0
2020-12-07 CVE-2020-13945 Apache Unspecified vulnerability in Apache Apisix

In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules.

4.0

47 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-11 CVE-2020-24447 Adobe Uncontrolled Search Path Element vulnerability in Adobe Lightroom 10.0/9.2.0.10/9.3

Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user.

3.7
2020-12-11 CVE-2020-24440 Adobe Uncontrolled Search Path Element vulnerability in Adobe Prelude 9.0/9.0.1

Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user.

3.7
2020-12-10 CVE-2020-29668 Sympa
Fedoraproject
Debian
Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products

Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except one from an expired cookie) as the cookie value to authenticateAndRun.

3.7
2020-12-10 CVE-2020-26268 Google Unspecified vulnerability in Google Tensorflow

In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable.

3.6
2020-12-08 CVE-2020-26233 Microsoft Use of Incorrectly-Resolved Name or Reference vulnerability in Microsoft GIT Credential Manager Core

Git Credential Manager Core (GCM Core) is a secure Git credential helper built on .NET Core that runs on Windows and macOS.

3.6
2020-12-12 CVE-2020-35202 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0

Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS.

3.5
2020-12-12 CVE-2020-35201 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0

Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users Stored XSS.

3.5
2020-12-12 CVE-2020-35199 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0

Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS.

3.5
2020-12-11 CVE-2020-26265 Ethereum Incorrect Calculation vulnerability in Ethereum GO Ethereum

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.

3.5
2020-12-11 CVE-2020-28838 Opencart Cross-Site Request Forgery (CSRF) vulnerability in Opencart 3.0.3.6

Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd.

3.5
2020-12-11 CVE-2020-35127 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0

Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.jsp Stored XSS.

3.5
2020-12-10 CVE-2020-26407 Gitlab Cross-site Scripting vulnerability in Gitlab

An XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a malicious project.

3.5
2020-12-09 CVE-2020-29259 Online Examination System Project Cross-site Scripting vulnerability in Online Examination System Project Online Examination System 1.0

Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the subject or feedback parameter to feedback.php.

3.5
2020-12-09 CVE-2020-10146 Microsoft Cross-site Scripting vulnerability in Microsoft Teams

The Microsoft Teams online service contains a stored cross-site scripting vulnerability in the displayName parameter that can be exploited on Teams clients to obtain sensitive information such as authentication tokens and to possibly execute arbitrary commands.

3.5
2020-12-09 CVE-2020-26249 Cogboard Cross-site Scripting vulnerability in Cogboard Red-Dashboard

Red Discord Bot Dashboard is an easy-to-use interactive web dashboard to control your Redbot.

3.5
2020-12-08 CVE-2020-25955 Student Management System Project IN PHP Project Cross-site Scripting vulnerability in Student Management System Project in PHP Project Student Management System Project in PHP 1.0

SourceCodester Student Management System Project in PHP version 1.0 is vulnerable to stored cross-site scripting (XSS) via the 'add subject' tab.

3.5
2020-12-08 CVE-2020-29539 Systransoft Cross-site Scripting vulnerability in Systransoft Pure Neural Server

A Cross-Site Scripting (XSS) issue in WebUI Translation in Systran Pure Neural Server before 9.7.0 allows a threat actor to have a remote authenticated user run JavaScript from a malicious site.

3.5
2020-12-10 CVE-2020-8908 Google
Quarkus
Oracle
Netapp
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir().

3.3
2020-12-10 CVE-2020-17097 Microsoft Unspecified vulnerability in Microsoft products

Windows Digital Media Receiver Elevation of Privilege Vulnerability

3.3
2020-12-09 CVE-2020-26261 Jupyterhub Exposure of Resource to Wrong Sphere vulnerability in Jupyterhub Systemdspawner

jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd.

3.3
2020-12-08 CVE-2020-27758 Imagemagick
Debian
Integer Overflow or Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in coders/txt.c.

3.3
2020-12-08 CVE-2020-27757 Imagemagick
Debian
Integer Overflow or Wraparound vulnerability in multiple products

A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long.

3.3
2020-12-08 CVE-2020-27754 Imagemagick
Debian
Integer Overflow or Wraparound vulnerability in multiple products

In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file.

3.3
2020-12-08 CVE-2020-27751 Imagemagick
Debian
Integer Overflow or Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/quantum-export.c.

3.3
2020-12-08 CVE-2020-25675 Imagemagick, Debian Integer Overflow or Wraparound vulnerability in multiple products

In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets were causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer.

3.3
2020-12-08 CVE-2020-25666 Imagemagick, Debian Integer Overflow or Wraparound vulnerability in multiple products

There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations.

3.3
2020-12-08 CVE-2020-27818 Libpng, Fedoraproject, Debian Out-of-bounds Read vulnerability in multiple products

A flaw was found in the check_chunk_name() function of pngcheck-2.4.0.

3.3
2020-12-10 CVE-2020-8920 Google Unspecified vulnerability in Google Gerrit

An information leak vulnerability exists in Gerrit versions prior to 2.14.22, 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where an overoptimization with the FilteredRepository wrapper skips the verification of access on All-Users repositories, allowing an attacker to get read access to all users' personal information associated with their accounts.

2.7
2020-12-10 CVE-2020-8919 Google Incorrect Authorization vulnerability in Google Gerrit

An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a missing access check on the branch REST API allows an attacker with only the default set of privileges to read all other users' personal account data as well as sub-trees with restricted access.

2.7
2020-12-09 CVE-2020-26816 SAP Missing Encryption of Sensitive Data vulnerability in SAP Netweaver Application Server Java

SAP AS JAVA (Key Storage Service), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, stores the key material held in the SAP NetWeaver AS Java Key Storage service in the database in DER-encoded format without encryption.

2.7
2020-12-11 CVE-2020-26416 Gitlab Information Exposure vulnerability in Gitlab

Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs.

2.1
2020-12-11 CVE-2020-28219 Schneider Electric Insufficiently Protected Credentials vulnerability in Schneider-Electric products

A CWE-522: Insufficiently Protected Credentials vulnerability exists in EcoStruxure Geo SCADA Expert 2019 (Original release and Monthly Updates to September 2020, from 81.7268.1 to 81.7578.1) and EcoStruxure Geo SCADA Expert 2020 (Original release and Monthly Updates to September 2020, from 83.7551.1 to 83.7578.1), that could cause exposure of credentials to server-side users when web users are logged in to Virtual ViewX.

2.1
2020-12-11 CVE-2020-28214 Schneider Electric Use of a One-Way Hash with a Predictable Salt vulnerability in Schneider-Electric Modicon M221 Firmware

A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to pre-compute the hash value using a dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictable salt would provide.

2.1
2020-12-10 CVE-2020-26270 Google Improper Input Validation vulnerability in Google Tensorflow

In affected versions of TensorFlow, running an LSTM/GRU model where the LSTM/GRU layer receives a zero-length input results in a CHECK failure when using the CUDA backend.

2.1
2020-12-10 CVE-2020-26271 Google Out-of-bounds Read vulnerability in Google Tensorflow

In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph.

2.1
2020-12-10 CVE-2020-27351 Debian Missing Release of Resource after Effective Lifetime vulnerability in Debian Advanced Package Tool

Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170.

2.1
2020-12-09 CVE-2020-2020 Paloaltonetworks Improper Handling of Exceptional Conditions vulnerability in Paloaltonetworks Cortex XDR Agent

An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevent the Cortex XDR Agent from starting.

2.1
2020-12-09 CVE-2020-27349 Canonical Missing Authorization vulnerability in Canonical Ubuntu Linux

Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges.

2.1
2020-12-09 CVE-2020-16128 Canonical Information Exposure Through an Error Message vulnerability in Canonical Ubuntu Linux

The aptdaemon DBus interface allowed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196.

2.1
2020-12-08 CVE-2020-26234 Apereo Origin Validation Error vulnerability in Apereo Opencast

Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests.

2.1
2020-12-08 CVE-2020-27902 Apple Improper Authentication vulnerability in Apple Ipados and Iphone OS

An authentication issue was addressed with improved state management.

2.1
2020-12-08 CVE-2020-25677 Ceph, Redhat Cleartext Storage of Sensitive Information vulnerability in multiple products

A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions.

2.1
2020-12-07 CVE-2020-8566 Kubernetes Information Exposure Through Log Files vulnerability in Kubernetes

In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs.

2.1
2020-12-07 CVE-2020-8565 Kubernetes Information Exposure Through Log Files vulnerability in Kubernetes

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files.

2.1
2020-12-07 CVE-2020-8564 Kubernetes Information Exposure Through Log Files vulnerability in Kubernetes

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials.

2.1
2020-12-07 CVE-2020-8563 Kubernetes Information Exposure Through Log Files vulnerability in Kubernetes

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log.

2.1
2020-12-08 CVE-2020-27925 Apple Unspecified vulnerability in Apple Ipados and Iphone OS

An issue existed in the handling of incoming calls.

1.9